GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
8,375 advisories
PDF-XChange Editor JP2 File Parsing Memory Corruption Remote Code Execution Vulnerability. This... (High, Unreviewed)
CVE-2023-39486 was published May 3, 2024

PDF-XChange Editor PDF File Parsing Memory Corruption Remote Code Execution Vulnerability. This... (High, Unreviewed)
CVE-2023-42043 was published May 3, 2024

Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability. This... (High, Unreviewed)
CVE-2023-42037 was published May 3, 2024

Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability. This... (High, Unreviewed)
CVE-2023-42036 was published May 3, 2024

PDF-XChange Editor JP2 File Parsing Memory Corruption Remote Code Execution Vulnerability. This... (High, Unreviewed)
CVE-2023-42047 was published May 3, 2024

PDF-XChange Editor JP2 File Parsing Memory Corruption Remote Code Execution Vulnerability. This... (High, Unreviewed)
CVE-2023-42078 was published May 3, 2024

Trimble SketchUp Viewer SKP File Parsing Memory Corruption Remote Code Execution Vulnerability.... (High, Unreviewed)
CVE-2023-50187 was published May 3, 2024

Kofax Power PDF J2K File Parsing Memory Corruption Remote Code Execution Vulnerability. This... (High, Unreviewed)
CVE-2023-51608 was published May 3, 2024

A vulnerability has been identified in PS/IGES Parasolid Translator Component (All versions < V27... (High, Unreviewed)
CVE-2024-32058 was published May 14, 2024

Improper buffer restrictions in PlatformPfrDxe driver in UEFI firmware for some Intel(R) Server... (High, Unreviewed)
CVE-2024-23980 was published May 16, 2024

Denial of Service via Zip/Decompression Bomb sent over HTTP or gRPC (High)
CVE-2024-36129 was published for go.opentelemetry.io/collector/config/configgrpc (Go) Jun 5, 2024

Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability. This... (High, Unreviewed)
CVE-2024-5306 was published Jun 6, 2024

The issue was addressed with improved memory handling. This issue is fixed in tvOS 17.5, iOS 16.7... (High, Unreviewed)
CVE-2024-27820 was published Jun 10, 2024

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in... (High, Unreviewed)
CVE-2024-27857 was published Jun 10, 2024

The issue was addressed with improved bounds checks. This issue is fixed in tvOS 17.5, visionOS 1... (High, Unreviewed)
CVE-2024-27851 was published Jun 10, 2024

Microsoft Streaming Service Elevation of Privilege Vulnerability (High, Unreviewed)
CVE-2024-30090 was published Jun 11, 2024

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability (High, Unreviewed)
CVE-2024-35250 was published Jun 11, 2024

An issue in htop-dev htop v.2.20 allows a local attacker to cause an out-of-bounds access in the... (High, Unreviewed)
CVE-2024-37676 was published Jun 20, 2024

A maliciously crafted CATPART, X_B and STEP, when parsed in ASMKERN228A.dll and ASMKERN229A.dll... (High, Unreviewed)
CVE-2024-23147 was published Jun 25, 2024

A maliciously crafted CATPRODUCT file, when parsed in CC5Dll.dll through Autodesk applications,... (High, Unreviewed)
CVE-2024-23148 was published Jun 25, 2024

A maliciously crafted X_B file, when parsed in pskernel.DLL through Autodesk applications, can... (High, Unreviewed)
CVE-2024-37000 was published Jun 25, 2024

A maliciously crafted CATPRODUCT file, when parsed in CC5Dll.dll through Autodesk applications,... (High, Unreviewed)
CVE-2024-37006 was published Jun 25, 2024

A maliciously crafted 3DM file, when parsed in opennurbs.dll and ASMkern229A.dll through Autodesk... (High, Unreviewed)
CVE-2024-23156 was published Jun 25, 2024

A maliciously crafted SLDASM or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk... (High, Unreviewed)
CVE-2024-23157 was published Jun 25, 2024

In Modem, there is a possible system crash due to incorrect error handling. This could lead to... (High, Unreviewed)
CVE-2024-20077 was published Jul 1, 2024